Mozilla Plugs Firefox Code Execution Hole

A new version of the open-source Firefox browser ships with "significant security and stability improvements."

Mozilla has released a new version of the Firefox Web browser with what is described as "significant security and stability improvements."

Details on the security vulnerabilities being patched were not available April 13 when Firefox was shipped as a high-priority update. However, a source told eWEEK that the most serious flaw could allow "remote code execution" attacks.

A Mozilla spokesperson said information on the security patches will be publicly released soon.

Firefox also includes native support for Macintosh with Intel Core processors and improvements to product stability.

The upgrade is available for Windows, Mac and Linux for as a free download from the Get Firefox marketing site.

Users already running Firefox 1.5 will receive an automated update notification within 24 to 48 hours.

The new version can also be applied manually by selecting "Check for Updates" from the Help menu.

"Mozilla Corporation is also strongly recommending that Firefox 1.0 users upgrade to this latest release of Firefox 1.5 in order to take advantage of significant security and stability improvements," the spokesperson said.

/zimages/6/28571.gifClick here to read more about security gaps in the Firefox 1.5 browser.

She said the browser makeover includes several improvements for the Japanese locale, and fixes common crashes performance, including several known memory leak issues.

/zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.